moflo 4.10.11 → 4.10.13

package/dist/src/cli/init/claudemd-generator.js

@@ -29,11 +29,11 @@ function mofloSection() {
 
 ### FIRST ACTION ON EVERY PROMPT: Search Memory
 
-Your first tool call MUST be \`mcp__moflo__memory_search\` — before any Glob/Grep/Read. Search \`guidance\`, \`patterns\`, and \`learnings\` every prompt; add \`code-map\` when navigating code, \`tests\` when looking for test inventory or coverage. When the user says "remember this", call \`mcp__moflo__memory_store\` with namespace \`learnings\`.
+Your first tool call MUST be \`mcp__moflo__memory_search\` — before any Glob/Grep/Read. Pick the namespace by question shape: \`code-map\` for "where is symbol X defined", \`tests\` for "what tests cover Y", \`patterns\` for "what's our pattern for Z", \`guidance\` for project rules, \`learnings\` for "did we hit this before". Pivot on the bare symbol/keyword (not a natural-language question), and trust similarity ≥ 0.80 as a confident hit. When the user says "remember this", call \`mcp__moflo__memory_store\` with namespace \`learnings\`.
 
 ### Traverse chunks, don't bulk-retrieve
 
-Search results carry a compact \`navigation\` crumb (parentDoc, prev/next, chunkTitle). For adjacent/sibling/hierarchical context use \`mcp__moflo__memory_get_neighbors\`; for full chunk content use \`mcp__moflo__memory_retrieve\`; \`Read\` the source doc only via \`parentPath\` when truly needed. Full protocol: \`.claude/guidance/moflo-memory-protocol.md\`.
+Search results carry a compact \`navigation\` crumb (parentDoc, prev/next, chunkTitle). For adjacent/sibling/hierarchical context use \`mcp__moflo__memory_get_neighbors\`; for full chunk content use \`mcp__moflo__memory_retrieve\`; \`Read\` the source doc only via \`parentPath\` when truly needed. Full protocol + worked examples per namespace: \`.claude/guidance/moflo-memory-protocol.md\`.
 
 ### Auto-enforced gates
 
@@ -48,6 +48,10 @@ Prefer MCP (\`mcp__moflo__*\` — memory, swarm, agent, task, hooks, hive-mind,
 
 After \`npm install\` touches moflo, check \`.moflo/restart-pending.json\` — if present, surface its \`message\` field to the user verbatim, then delete the file. (Claude Code only loads new hooks/MCP/launcher at session start.)
 
+### Monorepos
+
+Moflo state lives at the monorepo root \`.moflo/\` — never run \`flo init\` inside a sub-workspace of an existing moflo project, or the MCP server and CLI silently bind to different daemons (issue #1174).
+
 ### Full Reference
 
 - Universal agent rules (memory protocol, git/PR conventions, file org, build/test): \`.claude/guidance/moflo-agent-rules.md\`

package/dist/src/cli/init/helpers-generator.js

@@ -276,11 +276,28 @@ var config = loadGateConfig();
 var command = process.argv[2];
 
 var EXEMPT = ['.claude/', '.claude\\\\', 'CLAUDE.md', 'MEMORY.md', 'workflow-state', 'node_modules', 'moflo.yaml'];
-var DANGEROUS = ['rm -rf /', 'format c:', 'del /s /q c:\\\\', ':(){:|:&};:', 'mkfs.', '> /dev/sda'];
+// #1171 — DANGEROUS gained PS additions to match the matcher widening that now
+// routes the PowerShell tool through check-dangerous-command. See bin/gate.cjs.
+var DANGEROUS = ['rm -rf /', 'format c:', 'del /s /q c:\\\\', ':(){:|:&};:', 'mkfs.', '> /dev/sda', 'remove-item -recurse -force c:\\\\', 'remove-item -recurse -force /', 'remove-item -recurse -force ~', 'format-volume', 'clear-disk'];
 // #1132 — Bash memory-first gate regexes. See bin/gate.cjs for documentation.
+// #1171 — READ_LIKE extended with PS-native exploration forms (Get-ChildItem -Recurse,
+// dir /s, Format-Hex). Plain Get-ChildItem stays uncovered (ls-equivalent).
 var CREDIT_MEMORY_SEARCH_RE = /semantic-search|memory search|memory retrieve|memory-search/;
-var READ_LIKE_BASH_RE = /^\\s*(?:cat|head|tail|less|more|bat|xxd|od|hexdump)\\b|^\\s*(?:grep|rg|ag|fgrep|egrep|find|fd)\\b|^\\s*sed\\s+-n\\b|^\\s*awk\\s+(?!.*<<)|^\\s*type\\s+\\S*[\\\\/.]|^\\s*(?:Get-Content|gc|Select-String|sls)\\b/i;
+var READ_LIKE_BASH_RE = /^\\s*(?:cat|head|tail|less|more|bat|xxd|od|hexdump)\\b|^\\s*(?:grep|rg|ag|fgrep|egrep|find|fd)\\b|^\\s*sed\\s+-n\\b|^\\s*awk\\s+(?!.*<<)|^\\s*type\\s+\\S*[\\\\/.]|^\\s*(?:Get-Content|gc|Select-String|sls)\\b|^\\s*(?:Get-ChildItem|gci)\\b[^|]*-Recurse\\b|^\\s*dir\\b[^|]*\\s\\/[sS]\\b|^\\s*Format-Hex\\b/i;
 var BASH_CARVE_OUT_RE = /^\\s*(npm|npx|pnpm|yarn|bun|node|deno|tsx|ts-node)\\s|^\\s*(git|gh|hub)\\s|^\\s*(docker|kubectl|helm|terraform)\\s|^\\s*(curl|wget|http|fetch)\\s|^\\s*(jq|yq|xq)\\s|^\\s*(echo|printf|true|false|sleep|test|\\[)\\s|^\\s*cat\\s+(<<|<<<)|^\\s*cat\\s+[^|]*\\s*>|^\\s*tee\\b|^\\s*find\\s+.+?-(delete|exec\\s+rm)\\b/;
+// #1171 follow-up — strip quoted bodies + heredocs before DANGEROUS substring
+// match so git commit messages with dangerous-shaped text in quoted bodies do
+// not trip the gate. See bin/gate.cjs for the full rationale. Command-sub
+// bodies are intentionally not stripped (those execute).
+function stripQuotedAndHeredocs(cmd) {
+  var out = cmd;
+  out = out.replace(/<<-?\\s*['"]?[\\w-]+['"]?[\\s\\S]*$/, '');
+  out = out.replace(/<<<\\s*\\S+/g, '');
+  out = out.replace(/'[^']*'/g, "''");
+  out = out.replace(/"(?:[^"\\\\]|\\\\.)*"/g, '""');
+  return out;
+}
+
 var DIRECTIVE_RE = /^(yes|no|yeah|yep|nope|sure|ok|okay|correct|right|exactly|perfect)\\b/i;
 var TASK_RE = /\\b(fix|bug|error|implement|add|create|build|write|refactor|debug|test|feature|issue|security|optimi)\\b/i;
 
@@ -585,7 +602,10 @@ switch (command) {
     process.exit(2);
   }
   case 'check-dangerous-command': {
-    var cmd = (process.env.TOOL_INPUT_command || '').toLowerCase();
+    // #1171 follow-up — strip quoted bodies + heredocs before substring match.
+    // See bin/gate.cjs for full rationale.
+    var raw = process.env.TOOL_INPUT_command || '';
+    var cmd = stripQuotedAndHeredocs(raw).toLowerCase();
     for (var i = 0; i < DANGEROUS.length; i++) {
       if (cmd.indexOf(DANGEROUS[i]) >= 0) {
         console.log('[BLOCKED] Dangerous command: ' + DANGEROUS[i]);

package/dist/src/cli/init/moflo-init.js

@@ -219,7 +219,8 @@ function generateHooks(root, force, answers) {
                 "hooks": [{ "type": "command", "command": gateHook('check-before-read'), "timeout": 3000 }]
             },
             {
-                "matcher": "^Bash$",
+                // #1171 — widened to cover the dedicated `PowerShell` tool.
+                "matcher": "^(Bash|PowerShell)$",
                 "hooks": [
                     { "type": "command", "command": gateHook('check-dangerous-command'), "timeout": 2000 },
                     { "type": "command", "command": gateHook('check-before-pr'), "timeout": 2000 }
@@ -253,7 +254,8 @@ function generateHooks(root, force, answers) {
                 "hooks": [{ "type": "command", "command": gate('record-task-created'), "timeout": 2000 }]
             },
             {
-                "matcher": "^Bash$",
+                // #1171 — widened to cover the dedicated `PowerShell` tool.
+                "matcher": "^(Bash|PowerShell)$",
                 "hooks": [
                     { "type": "command", "command": gateHook('check-bash-memory'), "timeout": 2000 },
                     { "type": "command", "command": gateHook('record-test-run'), "timeout": 2000 }

package/dist/src/cli/init/settings-generator.js

@@ -229,12 +229,16 @@ function generateHooksConfig(config) {
                 hooks: [{ type: 'command', command: gateHookCmd('check-before-read'), timeout: 3000 }],
             },
             {
-                matcher: '^Bash$',
+                // #1171 — widened from `^Bash$` to also cover the dedicated `PowerShell`
+                // tool that Claude Code exposes on Windows. Without this, PS-tool calls
+                // route around every Bash-anchored gate (dangerous-command, pr, memory).
+                matcher: '^(Bash|PowerShell)$',
                 hooks: [
                     { type: 'command', command: gateHookCmd('check-dangerous-command'), timeout: 2000 },
                     { type: 'command', command: gateHookCmd('check-before-pr'), timeout: 2000 },
                     // #1132 — moved from PostToolUse so process.exit(2) actually blocks
-                    // read-like Bash that bypasses the Read/Glob/Grep gates via the shell.
+                    // read-like shell commands that bypass the Read/Glob/Grep gates.
+                    // Name kept for backwards compat; covers PowerShell readers too.
                     { type: 'command', command: gateHookCmd('check-bash-memory'), timeout: 2000 },
                 ],
             },
@@ -273,7 +277,9 @@ function generateHooksConfig(config) {
                 hooks: [{ type: 'command', command: gateCmd('record-task-created'), timeout: 2000 }],
             },
             {
-                matcher: '^Bash$',
+                // #1171 — widened to cover the `PowerShell` tool so PS-invoked
+                // `npm test` / `pytest` etc. credit the testing gate the same as Bash.
+                matcher: '^(Bash|PowerShell)$',
                 hooks: [
                     // #1132 — check-bash-memory moved to PreToolUse (above).
                     { type: 'command', command: gateHookCmd('record-test-run'), timeout: 2000 },

package/dist/src/cli/mcp-server.js

@@ -62,6 +62,56 @@ function buildDefaultOptions() {
         daemonize: false,
     };
 }
+/**
+ * Best-effort append to the MCP log file. Errors are swallowed — logging must
+ * never crash the MCP server. Used to capture server start, project root
+ * resolution, and per-request timing so we never repeat the 18-hour
+ * diagnostic blind window from #1174.
+ *
+ * Rotation: when the log exceeds {@link MCP_LOG_ROTATE_BYTES}, rename it to
+ * `<logFile>.1` (overwriting any previous rotated file). One rotation level
+ * keeps the most recent ~50MB of activity plus the previous ~50MB. A long-
+ * running session with heavy MCP traffic can otherwise write hundreds of MB.
+ *
+ * Cross-platform: uses fs.appendFileSync + fs.mkdirSync({recursive:true}) +
+ * fs.renameSync. All three work identically on Windows/macOS/Linux. Windows
+ * note: renameSync can fail with EBUSY if the file is open by another
+ * process; we use append-only here so no other writer should hold it, but
+ * the rename is wrapped in a try/catch so a transient rotation failure can't
+ * crash the MCP server (next append succeeds; rotation retries next time).
+ */
+const MCP_LOG_ROTATE_BYTES = 50 * 1024 * 1024;
+// Throttle rotation checks: batch spell scenarios can write thousands of
+// MCP requests per session. statSync per append is wasted syscalls — bucket
+// the check every N writes (and always on the very first call so cold-start
+// rotation still fires).
+const MCP_LOG_ROTATE_CHECK_EVERY = 100;
+let mcpAppendsSinceRotateCheck = MCP_LOG_ROTATE_CHECK_EVERY;
+function safeAppendMcpLog(logFile, event) {
+    try {
+        fs.mkdirSync(path.dirname(logFile), { recursive: true });
+        // Rotate before append so the very write that crosses the threshold
+        // lands in the fresh file rather than the rotated one.
+        if (++mcpAppendsSinceRotateCheck >= MCP_LOG_ROTATE_CHECK_EVERY) {
+            mcpAppendsSinceRotateCheck = 0;
+            try {
+                const stats = fs.statSync(logFile);
+                if (stats.size >= MCP_LOG_ROTATE_BYTES) {
+                    const rotated = `${logFile}.1`;
+                    try {
+                        fs.unlinkSync(rotated);
+                    }
+                    catch { /* may not exist */ }
+                    fs.renameSync(logFile, rotated);
+                }
+            }
+            catch { /* file may not exist yet; first write creates it */ }
+        }
+        const line = JSON.stringify({ ts: new Date().toISOString(), ...event }) + '\n';
+        fs.appendFileSync(logFile, line, 'utf-8');
+    }
+    catch { /* logging must never throw */ }
+}
 /**
  * MCP Server Manager
  *
@@ -253,6 +303,27 @@ export class MCPServerManager extends EventEmitter {
             sessionId,
             version: VERSION,
         }));
+        // Persistent log (#1174). The MCP server previously logged only to stderr,
+        // which Claude Code drops on the floor unless the user runs `claude
+        // --debug`. The 18-hour daemon-island incident took that long to diagnose
+        // partly because no on-disk log captured server start, the resolved
+        // project root, or the request stream. Default-on JSONL log fixes that.
+        const resolvedProjectRoot = findProjectRoot();
+        safeAppendMcpLog(this.options.logFile, {
+            event: 'server.start',
+            sessionId,
+            version: VERSION,
+            pid: process.pid,
+            ppid: process.ppid,
+            platform: process.platform,
+            arch: process.arch,
+            nodeVersion: process.version,
+            cwd: process.cwd(),
+            projectRoot: resolvedProjectRoot,
+            claudeProjectDir: process.env.CLAUDE_PROJECT_DIR || null,
+            pidFile: this.options.pidFile,
+            logFile: this.options.logFile,
+        });
         // Send server initialization notification
         console.log(JSON.stringify({
             jsonrpc: '2.0',
@@ -380,8 +451,16 @@ export class MCPServerManager extends EventEmitter {
                             },
                         },
                     };
-                case 'tools/list':
+                case 'tools/list': {
+                    const listStart = performance.now();
                     const tools = listMCPTools();
+                    const durationMs = performance.now() - listStart;
+                    safeAppendMcpLog(this.options.logFile, {
+                        event: 'tools/list',
+                        sessionId,
+                        count: tools.length,
+                        durationMs: Math.round(durationMs * 100) / 100,
+                    });
                     return {
                         jsonrpc: '2.0',
                         id: message.id,
@@ -393,18 +472,32 @@ export class MCPServerManager extends EventEmitter {
                             })),
                         },
                     };
-                case 'tools/call':
+                }
+                case 'tools/call': {
                     const toolName = params.name;
                     const toolParams = (params.arguments || {});
                     if (!hasTool(toolName)) {
+                        safeAppendMcpLog(this.options.logFile, {
+                            event: 'tools/call.unknown',
+                            sessionId,
+                            toolName,
+                        });
                         return {
                             jsonrpc: '2.0',
                             id: message.id,
                             error: { code: -32601, message: `Tool not found: ${toolName}` },
                         };
                     }
+                    const callStart = performance.now();
                     try {
                         const result = await callMCPTool(toolName, toolParams, { sessionId });
+                        const durationMs = performance.now() - callStart;
+                        safeAppendMcpLog(this.options.logFile, {
+                            event: 'tools/call.ok',
+                            sessionId,
+                            toolName,
+                            durationMs: Math.round(durationMs * 100) / 100,
+                        });
                         return {
                             jsonrpc: '2.0',
                             id: message.id,
@@ -412,6 +505,14 @@ export class MCPServerManager extends EventEmitter {
                         };
                     }
                     catch (error) {
+                        const durationMs = performance.now() - callStart;
+                        safeAppendMcpLog(this.options.logFile, {
+                            event: 'tools/call.error',
+                            sessionId,
+                            toolName,
+                            durationMs: Math.round(durationMs * 100) / 100,
+                            error: error instanceof Error ? error.message : 'Tool execution failed',
+                        });
                         return {
                             jsonrpc: '2.0',
                             id: message.id,
@@ -421,6 +522,7 @@ export class MCPServerManager extends EventEmitter {
                             },
                         };
                     }
+                }
                 case 'notifications/initialized':
                     // Client notification - no response needed
                     console.error(`[${new Date().toISOString()}] INFO [claude-flow-mcp] (${sessionId}) Client initialized`);

package/dist/src/cli/memory/ewc-consolidation.js

@@ -16,13 +16,15 @@
  * - Fisher Information Matrix computation from gradient history
  * - Online EWC updates for streaming patterns
  * - Selective consolidation based on pattern importance
- * - Persistent storage in .swarm/ewc-fisher.json
+ * - Persistent storage in .moflo/neural/ewc-fisher.json
+ *   (legacy fallback read: .swarm/ewc-fisher.json)
  *
  * @module v3/cli/memory/ewc-consolidation
  */
 import * as fs from 'fs';
 import * as path from 'path';
 import { errorDetail } from '../shared/utils/error-detail.js';
+import { legacySwarmPath, runtimePath } from '../services/moflo-paths.js';
 // ============================================================================
 // Default Configuration
 // ============================================================================
@@ -31,7 +33,6 @@ const DEFAULT_EWC_CONFIG = {
     maxPatterns: 1000,
     fisherDecayRate: 0.01,
     importanceThreshold: 0.3,
-    storagePath: path.join(process.cwd(), '.swarm', 'ewc-fisher.json'),
     onlineMode: true,
     dimensions: 384
 };
@@ -51,7 +52,15 @@ export class EWCConsolidator {
     consolidationHistory = [];
     initialized = false;
     constructor(config) {
-        this.config = { ...DEFAULT_EWC_CONFIG, ...config };
+        // Resolve storagePath lazily here (#1168) — the default routes through
+        // findProjectRoot at construct-time, not module-load time. Default-rescue
+        // runs *last* so an explicit `storagePath: undefined` falls back to the
+        // canonical path instead of leaving the field undefined.
+        this.config = {
+            ...DEFAULT_EWC_CONFIG,
+            ...config,
+            storagePath: config?.storagePath ?? runtimePath('neural', 'ewc-fisher.json'),
+        };
         this.globalFisher = new Array(this.config.dimensions).fill(0);
     }
     /**
@@ -447,10 +456,17 @@ export class EWCConsolidator {
      * Load state from disk
      */
     async loadFromDisk() {
-        if (!fs.existsSync(this.config.storagePath)) {
-            throw new Error('No persisted state found');
+        // Canonical path first, then legacy `.swarm/ewc-fisher.json` as a
+        // read-only fallback for consumers who upgraded mid-training (#1168).
+        let sourcePath = this.config.storagePath;
+        if (!fs.existsSync(sourcePath)) {
+            const legacy = legacySwarmPath('ewc-fisher.json');
+            if (!fs.existsSync(legacy)) {
+                throw new Error('No persisted state found');
+            }
+            sourcePath = legacy;
         }
-        const content = fs.readFileSync(this.config.storagePath, 'utf-8');
+        const content = fs.readFileSync(sourcePath, 'utf-8');
         const state = JSON.parse(content);
         // Validate version
         if (state.version !== '1.0.0') {

package/dist/src/cli/memory/sona-optimizer.js

@@ -8,17 +8,18 @@
  * - Processes trajectory outcomes from the spell-engine trajectory pipeline
  * - Extracts keywords from tasks for pattern matching
  * - Maintains learned routing patterns with confidence scoring
- * - Persists patterns to .swarm/sona-patterns.json
+ * - Persists patterns to .moflo/neural/sona-patterns.json
+ *   (legacy fallback read: .swarm/sona-patterns.json)
  * - Integrates with Q-learning router for combined routing
  *
  * @module v3/cli/memory/sona-optimizer
  */
 import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'fs';
-import { dirname, join } from 'path';
+import { dirname, isAbsolute, resolve } from 'path';
+import { legacySwarmPath, runtimePath } from '../services/moflo-paths.js';
 // ============================================================================
 // Constants
 // ============================================================================
-const DEFAULT_PERSISTENCE_PATH = '.swarm/sona-patterns.json';
 const PATTERN_VERSION = '1.0.0';
 const MIN_CONFIDENCE = 0.1;
 const MAX_CONFIDENCE = 0.99;
@@ -105,7 +106,12 @@ export class SONAOptimizer {
     qLearningRouter = null;
     qLearningEnabled = false;
     constructor(options) {
-        this.persistencePath = options?.persistencePath || DEFAULT_PERSISTENCE_PATH;
+        // Resolve persistencePath lazily here (#1168). When the caller supplies
+        // one we honor it verbatim (may be relative — preserved for existing
+        // tests/callers that join against their own cwd). When unset, we route
+        // through runtimePath so writes land under `.moflo/neural/` regardless
+        // of subprocess cwd.
+        this.persistencePath = options?.persistencePath || runtimePath('neural', 'sona-patterns.json');
     }
     /**
      * Initialize the optimizer and load persisted state
@@ -499,9 +505,17 @@ export class SONAOptimizer {
      */
     loadFromDisk() {
         try {
-            const fullPath = join(process.cwd(), this.persistencePath);
+            // Treat absolute persistencePath verbatim (new #1168 default routes
+            // through runtimePath → absolute `.moflo/neural/...`); relative paths
+            // preserve the pre-#1168 behaviour of resolving against cwd.
+            let fullPath = isAbsolute(this.persistencePath)
+                ? this.persistencePath
+                : resolve(process.cwd(), this.persistencePath);
             if (!existsSync(fullPath)) {
-                return false;
+                const legacy = legacySwarmPath('sona-patterns.json');
+                if (!existsSync(legacy))
+                    return false;
+                fullPath = legacy;
             }
             const data = readFileSync(fullPath, 'utf-8');
             const state = JSON.parse(data);
@@ -536,7 +550,11 @@ export class SONAOptimizer {
      */
     saveToDisk() {
         try {
-            const fullPath = join(process.cwd(), this.persistencePath);
+            // See loadFromDisk: absolute persistencePath is taken verbatim, relative
+            // paths resolve against cwd. New #1168 default writes to `.moflo/neural/`.
+            const fullPath = isAbsolute(this.persistencePath)
+                ? this.persistencePath
+                : resolve(process.cwd(), this.persistencePath);
             const dir = dirname(fullPath);
             // Ensure directory exists
             if (!existsSync(dir)) {

package/dist/src/cli/movector/lora-adapter.js

@@ -8,7 +8,7 @@
  * - Rank decomposition (r << d) for memory efficiency
  * - Additive weight updates: W' = W + BA (where B ∈ R^{d×r}, A ∈ R^{r×k})
  * - Support for multiple adaptation heads
- * - Persistence to .swarm/lora-weights.json
+ * - Persistence to .moflo/movector/lora-weights.json (legacy fallback: .swarm/lora-weights.json)
  *
  * Memory savings:
  * - Original: d × k parameters
@@ -18,7 +18,8 @@
  * @module lora-adapter
  */
 import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'fs';
-import { dirname, join } from 'path';
+import { dirname } from 'path';
+import { legacySwarmPath, runtimePath } from '../services/moflo-paths.js';
 // ============================================================================
 // Types & Constants
 // ============================================================================
@@ -47,7 +48,6 @@ const DEFAULT_CONFIG = {
     inputDim: INPUT_DIM,
     outputDim: OUTPUT_DIM,
     learningRate: 0.001,
-    weightsPath: join(process.cwd(), '.swarm', 'lora-weights.json'),
     enableDropout: true,
     dropoutProb: 0.1,
     autoSaveInterval: 50,
@@ -67,7 +67,16 @@ export class LoRAAdapter {
     lastUpdate = null;
     updatesSinceLastSave = 0;
     constructor(config) {
-        this.config = { ...DEFAULT_CONFIG, ...config };
+        // Resolve weightsPath lazily here, not at module load — captures the
+        // *current* consumer project root, not the cwd at first import (#1168).
+        // Default-rescue runs *last* so an explicit `weightsPath: undefined` from
+        // the caller still falls back to the canonical path instead of crashing
+        // save/load on an undefined string.
+        this.config = {
+            ...DEFAULT_CONFIG,
+            ...config,
+            weightsPath: config?.weightsPath ?? runtimePath('movector', 'lora-weights.json'),
+        };
         this.weights = this.initializeWeights();
     }
     /**
@@ -309,10 +318,16 @@ export class LoRAAdapter {
      */
     loadWeights() {
         try {
-            if (!existsSync(this.config.weightsPath)) {
-                return false;
+            // Canonical path first, then legacy `.swarm/lora-weights.json` as a
+            // read-only fallback for consumers who upgraded mid-training (#1168).
+            let sourcePath = this.config.weightsPath;
+            if (!existsSync(sourcePath)) {
+                const legacy = legacySwarmPath('lora-weights.json');
+                if (!existsSync(legacy))
+                    return false;
+                sourcePath = legacy;
             }
-            const content = readFileSync(this.config.weightsPath, 'utf-8');
+            const content = readFileSync(sourcePath, 'utf-8');
             const data = JSON.parse(content);
             if (data.version !== 1) {
                 return false;

package/dist/src/cli/movector/moe-router.js

@@ -6,7 +6,8 @@
  * - Gating network for soft expert selection (top-k)
  * - Online weight updates via reward signals
  * - Load balancing with auxiliary loss
- * - Weight persistence to .swarm/moe-weights.json
+ * - Weight persistence to .moflo/movector/moe-weights.json
+ *   (legacy fallback read: .swarm/moe-weights.json)
  *
  * Architecture:
  * - Input: 384-dim task embedding (from ONNX)
@@ -17,6 +18,7 @@
  */
 import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'fs';
 import { dirname } from 'path';
+import { legacySwarmPath, runtimePath } from '../services/moflo-paths.js';
 /**
  * Expert names in order (index corresponds to expert slot)
  */
@@ -43,14 +45,15 @@ export const INPUT_DIM = 384;
  */
 export const HIDDEN_DIM = 128;
 /**
- * Default configuration
+ * Default configuration. `weightsPath` is overridden lazily in the
+ * MoERouter constructor (see #1168) so the path resolves against the
+ * consumer's project root, not the module-load cwd.
  */
 const DEFAULT_CONFIG = {
     topK: 2,
     learningRate: 0.01,
     temperature: 1.0,
     loadBalanceCoef: 0.01,
-    weightsPath: '.swarm/moe-weights.json',
     autoSaveInterval: 50,
     enableNoise: true,
     noiseStd: 0.1,
@@ -202,7 +205,15 @@ export class MoERouter {
     lastProbs = null;
     lastSelectedExperts = [];
     constructor(config = {}) {
-        this.config = { ...DEFAULT_CONFIG, ...config };
+        // Resolve weightsPath lazily here (#1168) — the default routes through
+        // findProjectRoot at construct-time, not module-load time. Default-rescue
+        // runs *last* so an explicit `weightsPath: undefined` falls back to the
+        // canonical path instead of leaving the field undefined.
+        this.config = {
+            ...DEFAULT_CONFIG,
+            ...config,
+            weightsPath: config.weightsPath ?? runtimePath('movector', 'moe-weights.json'),
+        };
         // Initialize weights
         this.W1 = xavierInit(INPUT_DIM, HIDDEN_DIM);
         this.b1 = new Float32Array(HIDDEN_DIM);
@@ -445,10 +456,15 @@ export class MoERouter {
      * Load weights from persistence file
      */
     async loadWeights(path) {
-        const weightsPath = path || this.config.weightsPath;
+        // Canonical path first, then legacy `.swarm/moe-weights.json` as a
+        // read-only fallback for consumers who upgraded mid-training (#1168).
+        let weightsPath = path || this.config.weightsPath;
         try {
             if (!existsSync(weightsPath)) {
-                return false;
+                const legacy = legacySwarmPath('moe-weights.json');
+                if (!existsSync(legacy))
+                    return false;
+                weightsPath = legacy;
             }
             const data = readFileSync(weightsPath, 'utf-8');
             const model = JSON.parse(data);

package/dist/src/cli/services/hook-block-hash.js

@@ -56,7 +56,9 @@ export function getReferenceHookBlock() {
             { matcher: '^(Glob|Grep)$', hooks: [gateHook('check-before-scan', 3000)] },
             { matcher: '^Read$', hooks: [gateHook('check-before-read', 3000)] },
             {
-                matcher: '^Bash$',
+                // #1171 — widened to cover `PowerShell` tool; without this PS-tool
+                // calls bypass the dangerous/pr/memory gates on Windows.
+                matcher: '^(Bash|PowerShell)$',
                 hooks: [
                     gateHook('check-dangerous-command', 2000),
                     gateHook('check-before-pr', 2000),
@@ -78,7 +80,8 @@ export function getReferenceHookBlock() {
             { matcher: '^TaskCreate$', hooks: [gateCjs('record-task-created', 2000)] },
             {
                 // #1132 — check-bash-memory moved to PreToolUse (above).
-                matcher: '^Bash$',
+                // #1171 — widened to cover `PowerShell` tool.
+                matcher: '^(Bash|PowerShell)$',
                 hooks: [gateHook('record-test-run', 2000)],
             },
             { matcher: '^Skill$', hooks: [gateHook('record-skill-run', 2000)] },

package/dist/src/cli/services/hook-wiring.js

@@ -45,8 +45,10 @@ export const REQUIRED_HOOK_WIRING = [
 export const HOOK_ENTRY_MAP = {
     'check-before-scan': { event: 'PreToolUse', matcher: '^(Glob|Grep)$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" check-before-scan', timeout: 3000 } },
     'check-before-read': { event: 'PreToolUse', matcher: '^Read$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" check-before-read', timeout: 3000 } },
-    'check-dangerous-command': { event: 'PreToolUse', matcher: '^Bash$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" check-dangerous-command', timeout: 2000 } },
-    'check-before-pr': { event: 'PreToolUse', matcher: '^Bash$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" check-before-pr', timeout: 2000 } },
+    // #1171 — matchers widened to cover `PowerShell` tool; the gate logic was
+    // always shell-agnostic but the matcher was Bash-anchored, leaving a bypass.
+    'check-dangerous-command': { event: 'PreToolUse', matcher: '^(Bash|PowerShell)$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" check-dangerous-command', timeout: 2000 } },
+    'check-before-pr': { event: 'PreToolUse', matcher: '^(Bash|PowerShell)$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" check-before-pr', timeout: 2000 } },
     'record-task-created': { event: 'PostToolUse', matcher: '^TaskCreate$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate.cjs" record-task-created', timeout: 2000 } },
     // record-memory-searched MUST go through gate-hook.mjs (not gate.cjs directly)
     // — the wrapper forwards Claude Code's session_id as HOOK_SESSION_ID, which
@@ -58,8 +60,10 @@ export const HOOK_ENTRY_MAP = {
     'record-memory-searched': { event: 'PostToolUse', matcher: '^mcp__moflo__memory_(search|retrieve|list|stats|store)$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" record-memory-searched', timeout: 3000 } },
     'check-task-transition': { event: 'PostToolUse', matcher: '^TaskUpdate$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate.cjs" check-task-transition', timeout: 2000 } },
     'record-learnings-stored': { event: 'PostToolUse', matcher: '^mcp__moflo__memory_store$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate.cjs" record-learnings-stored', timeout: 2000 } },
-    'check-bash-memory': { event: 'PostToolUse', matcher: '^Bash$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" check-bash-memory', timeout: 2000 } },
-    'record-test-run': { event: 'PostToolUse', matcher: '^Bash$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" record-test-run', timeout: 2000 } },
+    // #1171 — widened to ^(Bash|PowerShell)$ so PS reads / PS-invoked tests credit
+    // the same gates as Bash. Name kept as `check-bash-memory` for backwards compat.
+    'check-bash-memory': { event: 'PostToolUse', matcher: '^(Bash|PowerShell)$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" check-bash-memory', timeout: 2000 } },
+    'record-test-run': { event: 'PostToolUse', matcher: '^(Bash|PowerShell)$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" record-test-run', timeout: 2000 } },
     'record-skill-run': { event: 'PostToolUse', matcher: '^Skill$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" record-skill-run', timeout: 2000 } },
     'reset-edit-gates': { event: 'PostToolUse', matcher: '^(Write|Edit|MultiEdit)$', hook: { type: 'command', command: 'node "$CLAUDE_PROJECT_DIR/.claude/helpers/gate-hook.mjs" reset-edit-gates', timeout: 2000 } },
     // #931 — Agent-time advisory; never blocks. Pulled the TaskCreate REMINDER
@@ -165,6 +169,36 @@ export const MATCHER_REWRITE_RULES = [
         to: '^mcp__moflo__memory_(search|retrieve|list|stats|store)$',
         cmdContains: 'record-memory-searched',
     },
+    // Issue #1171 — widen Bash-only matchers to cover the dedicated `PowerShell`
+    // tool Claude Code exposes on Windows. The gate logic itself was already
+    // shell-agnostic (gate.cjs READ_LIKE_BASH_RE matched `Get-Content`/`Select-String`/etc.)
+    // but a Bash-anchored matcher meant PS-tool calls never reached the gate.
+    // One rewrite per gate command keeps the `cmdContains` guard precise, so an
+    // unrelated user-customised `^Bash$` block doesn't get widened.
+    {
+        name: '#1171: widen check-dangerous-command matcher to PowerShell',
+        from: '^Bash$',
+        to: '^(Bash|PowerShell)$',
+        cmdContains: 'check-dangerous-command',
+    },
+    {
+        name: '#1171: widen check-before-pr matcher to PowerShell',
+        from: '^Bash$',
+        to: '^(Bash|PowerShell)$',
+        cmdContains: 'check-before-pr',
+    },
+    {
+        name: '#1171: widen check-bash-memory matcher to PowerShell',
+        from: '^Bash$',
+        to: '^(Bash|PowerShell)$',
+        cmdContains: 'check-bash-memory',
+    },
+    {
+        name: '#1171: widen record-test-run matcher to PowerShell',
+        from: '^Bash$',
+        to: '^(Bash|PowerShell)$',
+        cmdContains: 'record-test-run',
+    },
 ];
 /**
  * Apply HOOK_REWRITE_RULES to every hook command in `settings.hooks.*`.